Cybersecurity for the C-Suite panel discussion at Florida Cyber Conference 2019
There is no denying the fact that cyber technologies have quickly become crucial assets of our daily lives. Both business and personal affairs rely almost entirely on modern technology, and as a result cyberattacks have become a daily occurrence that continue to grow more harmful as cybercriminals develop sophisticated methods of destruction.
While in the past, many relegated cybersecurity as strictly an IT concern, today’s advanced technological culture means that it is no longer plausible for cyber threats to be a concern only for CISO’s, IT directors, and others within the technology industry. The Cybersecurity for the C-Suite panel discussion at Florida Cyber Conference 2019 gathered world-renowned cybersecurity experts from various sectors to discuss the responsibility of all C-suite executives—not just the CISO or CIO–in ensuring efficient cybersecurity within their organizations.
Contributing to the discussion were Andy Zolper, SVP, CISO, and head of technological infrastructure at Raymond James Financial; Diane Janosek, NSA commandant for the National Cryptologic School; and Terry Roberts, founder, president, and CEO of WhiteHawk, Inc. The panel was moderated by Mark Clancy, VP of cybersecurity and CISO for Sprint.
The session dove into the ways that cybersecurity impacts the C-level professional, changes in accountability and business models, and what it means to build a cyber-strong workforce.
Read on for a taste of the enlightening panel discussion, and tune into Cyber Florida’s No Password Required podcast to listen to the full presentation, available here and from all major podcast platforms.
Cybersecurity and the C-Suite
One of the most crucial topics addressed during this hour-long discussion was the need to convey the value of cybersecurity with C-suite level executives across the nation.
With 72% of attacked organizations claiming employee negligence and lack of awareness as a top cyber risk, it is critical for company executives to understand their level of accountability regarding their organization’s cyber preparedness.
Whether there are 15,000 or 15 employees, organizations and businesses of any size and industry that fail to address cybersecurity are at serious risk of falling victim to cyber threats.
WhiteHawk CEO Terry Roberts used the data breaches of Target and Sony to exemplify the potential consequences of a cyberattack within larger organizations. In addition to the millions of dollars spent on recovery and damaged reputations, the CEO’s of both companies were released from their positions due to their respective roles in the crises.
These data breaches proved that the consequences of a cyberattack could directly impact even the highest-level executives and convinced many C-suite executives to embrace cybersecurity within their organizations, according to Roberts. However, in the fast-paced cyber industry, where trends are constantly changing and new threats emerge every day, there is always room for improvement.
Commandant Janosek, Ms. Roberts, and Mr. Zolper each advocated that the first step C-suite executives should take to improve their cyber knowledge is to use outside resources to gain an honest understanding of their organization’s cyber risk. Focusing first on the fundamentals of cybersecurity, such as cyber hygiene and social engineering training, are simple steps that can improve employee awareness and in turn reduce the risk of threats.
Throughout the discussion, Commandant Janosek stressed the fact that cybersecurity affects every single person across the globe, regardless of whether they are aware of it or not. When speaking about how to explain the true value of cybersecurity to those outside the industry she said, “In 2020 there will be 20 billion IoT devices across the globe, yet nowhere in the U.S. Constitution is the word ‘cyber’ mentioned.”
The main take-away? With no formal guidelines on how to handle the increasing need for efficient cybersecurity, it is crucial for leaders in all sectors to share information and work together to create a more unified cyber culture across the globe.